Computer Bug.

  • Thread starter: Tree Reb
  • Replies: 12
  • Views: 2K

Tree Reb

Somehow I picked up a bug, first time in 6 years, malware called Total Security, it got past AVG.

I remember some of you use that. If you Google "Total Security" you'll find a lot about it. Very hard to get rid of.

Anyway, I think I have, thanks to this place. http://www.malwarebytes.org/forums/index.php?act=idx

http://www.malwarebytes.org/forums/index.php?showforum=30

Very helpful guys, there is a free download on here. It runs with any Anti Virus program, no problem. http://www.malwarebytes.org/mbam.php
 
  • Thread Starter
  • #3
It keeps sending false security warnings, then disappears. It then can stay hidden and collect info by keystrokes etc.

This malware stuff is new to me but it was worth the time. I'm not doing any banking or PayPal until I'm sure it's fixed. :(
 
  • Thread Starter
  • #5
I'll have to check that, thanks.

Those guys speak another language, but they sure know a lot. :)
 
I just ran the scan and it found a malware trace, I deleted it and am now running a full scan to see if it really has gone.
 
Thanks. I downloaded it but I'm not going to install it unless I have a problem. I'll just save it and that way I'm not trying to download the file with a compromised OS later.

Are you running IE or Firefox for your browser?
 
Scanning thru here, you can see that the same steps with Malwarebytes remove many things. But, also, you can get an idea of the various types of scams etc.; that will perhaps make it easier to sight and feel out many future not listed confidently. http://www.malwarebytes.org/forums/index.php?showforum=39

Downloading and running can help. Downloading, rebooting, and running in safe mode even more sure, because less other stuff running, and perhaps the malware itself not running. Some malware can sight out the names of the Malwarebytes files and stop them dead. Workaround is to download on 'healthy' computer, then rename Malwarebytes file, then bring to sick computer, and run; run in safe mode even better.

One step better would be not to run infected drive at all, but rather boot to another drive, and scan infected drive. This could be by booting to a CD, and running Malwarebytes from there to scan infected drive, or connecting infected drive as a secondary/slave drive, and run another drive as primary/master drive, and scan infected or both drives. Booting to infected drive gives chance for malware to run, hide, even rebirth self if tracked and killed etc. Vids of making and running boots from CD

Many scams exploit the same 'hole'/s in Windows to enter, so same tool can help; with these different flavours of the same theme. Bad guys have forums too (lead guy calls himself 'The Father'); they give away and sell apps, that can formulate malware exploits with different effects, but many working on same mechanics. Many of these things take form off of US soil, many are of the hate Americans etc. faith and philosophy, some is just greed etc.


http://superantispyware.com/ is another good, strong freebie; for a different type of coverage.

http://www.freefixer.com/ is good too, if you know a little more of what you are doing. -Nothing gets everything!

These 2 should be able to scan from a CD boot too.

And also, http://www.threatfire.com/download/ for Zer0 day malware - this discovers stuff not by specific signature, but rather by 'personality'. So, can catch stuff before definitions are developed that other stuff tracks by. Usually bad guys make malware, then people have to catch it, complain, anti-malware makers have to notice, take seriously, develop 'cure', disperse cure, and you update, and run; while bad guys are trying to work around cure as cycle continues. Zer0Day stuff tries to do end run around that possibly long timeline and help sooner.

http://greatis.com/appdata/
http://www.bleepingcomputer.com
http://www.kephyr.com/filedb/index.php
are very good databases for any questionable apps/ startups that might be suspect. Also, for same for turning off some unneeded stuff, that could dump extra 'weight', and streamline sys to run faster. They can also be used in tandem with freefixer link to further

Sysinternals: Autoruns is like Windows msconfig on steroids, to possibly catch more stuff, but takes more computer literacy. And Sysinternals: Process Explorer is then like Windows task manager on steroids. These, with the database tools, can give some powerful insights into what is going on inside sys, for streamlining for power, and also fighting malware. They are written by Mark Russinovich, this decade's Peter Norton. Mr. Russinovich and his apps were just grabbed up a year ago by Microsoft - after previously being thrown out for wearing a "blue screen of death" T-shirt when visiting Microsoft. He even has Free Vids - but they can be very intense.
 
  • Thread Starter
  • #13
Thanks TreeSpyder.

I just got this email from one of my email accounts. Sort of funny, I mainly use it for subscribed threads from another forum I used to go. :X

From: ausi.com

To: undisclosed-recipients: ;

Subject: VIRUS CORRECTED

Date: Mon 08/24/09 06:03 AM

Hello all AUSI.COM users.

A short note to advise all users that the site was hijacked for a few
hours on 21/8/2009 and a Trojan Virus was attached to the home page.

This has now been corrected

Regards

Ken

AUSI.COM
http://ausi.com
 